Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-469

Browser hang in PDP with agent 4.1 using mod_jk with a fileupload servlet

    XMLWordPrintable

    Details

      Description

      Set up a fileupload servlet on tomcat
      set up modjk to proxy from httpd to tomcat for your servlet (in my case /fileup)
      set up post data preservation.
      add a non-enforced url on http://rock.example.com:80/fileup/upload.html
      add a policy for http://rock.example.com:80/fileup/* to allow post,put,head,get to all authenticated users

      Clear cache and access http://rock.example.com:80/fileup/upload.html this displays because it is not enforced
      Upload 1k-32k files

      Without the agent accessing the fileupload directly or via the proxy eg http://localhost:18080/fileup/upload.html or http://rock.example.com:80/fileup/upload.html files are able to be added (1k-32k tested)

      Add in the agent and restart.

      Expected
      Files should be uploaded and PDP files removed from the PDP directory

      Actual
      Browser hangs, PDP files remain and last message is this:
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:395] setup_request_data():
      method: POST
      original url: http://rock.example.com/dummypost/ampostpreserve?ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b
      proto: http
      host: rock.example.com
      port: 80
      path: /dummypost/ampostpreserve
      query: ?ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b
      complete: http://rock.example.com:80/dummypost/ampostpreserve?ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b
      overridden: http://rock.example.com:80/dummypost/ampostpreserve?ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b
      pathinfo: (empty)
      normalized (pathinfo removed): (empty)
      overridden (pathinfo removed): (empty)
      2017-04-26 11:29:05.821 +0100 WARNING [0x7ff0e7a75700:25710] setup_request_data(): HTTP POST should contain a valid Content-Type header value, defaulting to application/octet-stream
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:410] validate_url():
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:422] validate_url(): request url validation feature is not enabled
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:430] handle_notification():
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:444] handle_notification(): http://rock.example.com:80/dummypost/ampostpreserve?ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b is not an agent notification url http://rock.example.com:80/UpdateAgentCacheServlet?shortcircuit=false
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:486] validate_fqdn_access():
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:506] validate_fqdn_access(): host name rock.example.com is valid (maps to fqdn default: rock.example.com)
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:914] validate_token():
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/utility.c:1060] get_cookie_value(: parsing cookie header: amlbcookie=01; iPlanetDirectoryPro=AQIC5wM2LY4SfcwiBJtKNzXxV3VzQt6XAFTAmdRnT_a8M5U.AAJTSQACMDEAAlNLABQtNTczODIyMjQ0NDkzNzEyMDkwNQACUzEAAA..
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/utility.c:1060] get_cookie_value(=): parsing cookie header: iPlanetDirectoryPro=AQIC5wM2LY4SfcwiBJtKNzXxV3VzQt6XAFTAmdRnT_a8M5U.AAJTSQACMDEAAlNLABQtNTczODIyMjQ0NDkzNzEyMDkwNQACUzEAAA..
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:1028] validate_token(): sso token: AQIC5wM2LY4SfcwiBJtKNzXxV3VzQt6XAFTAmdRnT_a8M5U.AAJTSQACMDEAAlNLABQtNTczODIyMjQ0NDkzNzEyMDkwNQACUzEAAA.., status: success
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:1035] validate_token(): sso token SI: 01, S1:
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:558] handle_not_enforced():
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:586] handle_not_enforced(): post preserve url is not enforced
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:2139] handle_exit(): (entry status: success)
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:1912] set_user_attributes(): all set user attribute options are set to none
      2017-04-26 11:29:05.821 +0100 DEBUG [0x7ff0e7a75700:25710][source/process.c:2356] handle_exit(): found post data preservation cache entry: ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b, url: /fileup/UploadServlet, file: /opt/web_agents/apache24_agent/bin/../log/ca3c04ed-eb8b-9a43-892a-09b8f5ffb17b, content type: multipart/form-data; boundary=---------------------------377905043373685181835813455
      2017-04-26 11:29:05.822 +0100 DEBUG [0x7ff0e7a75700:25710][source/apache/agent.c:546] set_custom_response(): issuing POST sub-request to /fileup/UploadServlet (multipart/form-data; boundary=---------------------------377905043373685181835813455), status 200

      Variants
      Second request is not affected (eg once authenticated it is fine). You must therefore delete cache between different file sizes.
      It doesn't matter if org.forgerock.agents.config.lares.cookie.compatibility.mode=true

        Attachments

        1. 3_logged_in.log
          12 kB
        2. 4_not_logged_in.log
          28 kB
        3. agent_export.conf
          5 kB
        4. fileup.zip
          754 kB

          Issue Links

            Activity

              People

              mareks Mareks Malnacs
              alex.levin@forgerock.com Alex Levin
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: